Month: February 2018

Overview

Many companies have multiple remote offices which need secure network connectivity with the headquarters or between them. This can be achieved by using a site-to-site VPN setup which allows offices in multiple fixed locations to establish secure connections and share resources with each other over a public network such as the Internet. Cisco ASA supports the IPsec protocol for configuring an site-to-site VPN tunnel. IPsec works by authenticating and encrypting each IP packet of a communication session and uses the Internet Key Exchange (IKE) protocol to negotiate and establish a secure VPN tunnel. The original IKE version 1 is defined in RFC 2409 and the IKE version 2 (IKEv2) is defined in RFC 5996. Cisco introduced support for IKEv2 beginning with ASA version 8.4 but in this article we will focus only on the legacy IKEv1 implementation.